mirror of
https://github.com/vincentmli/bpfire.git
synced 2026-04-27 03:07:43 +02:00
b76d0433be
Imported from: https://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/server/core.c?r1=1805223&r2=1807754&pathrev=1807754&view=patch For details see: https://nvd.nist.gov/vuln/detail/CVE-2017-9798 Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
16 lines
781 B
Diff
16 lines
781 B
Diff
--- server/core.c 2017/08/16 16:50:29 1805223
|
|
+++ server/core.c 2017/09/08 13:13:11 1807754
|
|
@@ -2262,6 +2262,12 @@
|
|
/* method has not been registered yet, but resource restriction
|
|
* is always checked before method handling, so register it.
|
|
*/
|
|
+ if (cmd->pool == cmd->temp_pool) {
|
|
+ /* In .htaccess, we can't globally register new methods. */
|
|
+ return apr_psprintf(cmd->pool, "Could not register method '%s' "
|
|
+ "for %s from .htaccess configuration",
|
|
+ method, cmd->cmd->name);
|
|
+ }
|
|
methnum = ap_method_register(cmd->pool,
|
|
apr_pstrdup(cmd->pool, method));
|
|
}
|